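<?php
// Form handler for the "edit book" page: validates the POSTed fields, updates
// the matching row in `books`, and redirects back to editbook.php on success.
//
// Two invariants hold throughout this script:
//   * nothing is echoed before the final header() call on the success path,
//     otherwise the Location redirect fails with "headers already sent";
//   * request data is never written into HTML or SQL without escaping/binding.
require("page.inc");
require("database.inc");

// Read each field defensively: a missing key or an array-valued parameter
// (e.g. isbn[]=x) becomes an empty string, which the validation below rejects.
$isbn=(isset($_POST['isbn']) && is_string($_POST['isbn'])) ? trim($_POST['isbn']) : '';
$title=(isset($_POST['title']) && is_string($_POST['title'])) ? trim($_POST['title']) : '';
$author=(isset($_POST['author']) && is_string($_POST['author'])) ? trim($_POST['author']) : '';
$price=(isset($_POST['price']) && is_string($_POST['price'])) ? trim($_POST['price']) : '';

// Values are bound as statement parameters below, so they must be the raw
// strings. addslashes() is not an SQL escaping function (it is bypassable with
// multi-byte connection charsets) and is no longer applied. On interpreters old
// enough to still have magic quotes enabled, undo the automatic slashes instead.
// The version guard keeps get_magic_quotes_gpc() from being called where it is
// deprecated or removed.
if(PHP_VERSION_ID < 50400 && get_magic_quotes_gpc()){
	$isbn=stripslashes($isbn);
	$title=stripslashes($title);
	$author=stripslashes($author);
	$price=stripslashes($price);
	}

// Page wrapper used for every error response; page2 is presumably declared in
// page.inc -- confirm.
$editto=new page2();

// Accept only the d-ddd-ddddd-d ISBN layout. The value is already trimmed, so
// the `$` anchor cannot be satisfied by a trailing newline.
if(!preg_match("/^[0-9]-[0-9]{3}-[0-9]{5}-[0-9]$/",$isbn)){
	$editto->display();
	// The rejected value is attacker-controlled: HTML-escape it before echoing.
	// NOTE(review): assumes the page is served as UTF-8 -- confirm.
	echo htmlspecialchars($isbn, ENT_QUOTES, 'UTF-8')." ISBN Format Wrong!";
	$editto->displayfooter();
	exit;
	}
if(!is_numeric($price)){
	$editto->display();
	echo htmlspecialchars($price, ENT_QUOTES, 'UTF-8')." Price Format Wrong!";
	$editto->displayfooter();
	exit;
	}

// Report mysqli failures through return values on every PHP version (newer
// versions throw by default, which the checks below would never see).
mysqli_report(MYSQLI_REPORT_OFF);

// Connection settings come from the $lu_* variables, presumably defined in
// database.inc -- confirm. Do not hard-code credentials here or in comments.
// The @ keeps the connect warning (which can name the host and account) out of
// the rendered page; the failure is written to the server log instead.
@$con=new mysqli($lu_host,$lu_user,$lu_psw,$lu_db);
if(mysqli_connect_error()){
	error_log("edit book: database connection failed: ".mysqli_connect_error());
	$editto->display();
	echo "Databasa connect error!Please Try Again Later.";
	$editto->displayfooter();
	exit;
	}
$con->select_db($lu_db);

// Parameterized update: every value travels as bound data, never as SQL text.
// price is bound as a string so the server performs the numeric conversion
// without a float round-trip; it has already passed is_numeric().
$result=false;
$stmt=$con->prepare("update books set title=?,author=?,price=? where isbn=?");
if($stmt){
	$stmt->bind_param("ssss",$title,$author,$price,$isbn);
	$result=$stmt->execute();
	if(!$result){
		error_log("edit book: update failed: ".$stmt->error);
		}
	$stmt->close();
	}else{
	error_log("edit book: prepare failed: ".$con->error);
	}
if(!$result){
	$editto->display();
	echo "更改失败！";
	$editto->displayfooter();
	exit;
	}

// $isbn matched the strict pattern above; encoding it anyway keeps the redirect
// target safe if that pattern is ever relaxed.
header("Location:editbook.php?isbn=".rawurlencode($isbn));
exit;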